A BGP peer could send a Route-Refresh message with specially-craftedORF record, which can cause Quagga's bgpd to crash or possibly executearbitrary code with the privileges of the user running Quagga's bgpd; aBGP update AS path request with unknown AS type, or malformedAS-Pathlimit or Extended-Community attributes could lead to Denial ofService (daemon crash), an error in bgpd when handling AS_PATHattributes within UPDATE messages canbe exploited to cause a heap-based buffer overflow resulting in a crashof thedaemon and disruption of IPv4 routing, two errors in ospf6d and ospfdcan each be exploited to crash the daemon and disrupt IP routing.

Security is a primary focus of Gentoo Linux and ensuring theconfidentiality and security of our users' machines is of utmostimportance to us. Any security concerns should be addressed tosecurity@gentoo.org or alternatively, you may file a bug athttps://bugs.gentoo.org.